Skip to content
GitLab
Projects Groups Topics Snippets
  • /
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in
  • Trac Trac
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Issues 246
    • Issues 246
    • List
    • Boards
    • Service Desk
    • Milestones
  • Monitor
    • Monitor
    • Metrics
    • Incidents
  • Analytics
    • Analytics
    • Value stream
  • Wiki
    • Wiki
  • Activity
  • Create a new issue
  • Issue Boards
Collapse sidebar
  • Legacy
  • TracTrac
  • Issues
  • #21323
Closed (moved) (moved)
Open
Issue created Jan 26, 2017 by Arthur Edelstein@arthuredelstein

Activate mixed content blocking

I'm informed that HTTPS-Everywhere has likely disabled any rules that break with mixed content blocking for active content, as suggested in https://bugzilla.mozilla.org/show_bug.cgi?id=878890#c20. So I think we should activate MCB (set "security.mixed_content.block_active_content" to true). It seems dangerous to have it disabled, and Firefox's default value is true as well.

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking